CN113225318A - Method and system for government affair big data encryption transmission and safe storage - Google Patents

Publication number
CN113225318A
Authority
CN
China
Prior art keywords
data
abstract
government affair
memory
big data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110400950.3A
Other languages
Chinese (zh)
Other versions
CN113225318B (en)
Inventor
李刚
王然
刘一鸣
李旺
周鸣乐
李敏
韩德隆
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shandong Shanke Digital Economy Research Institute Co ltd
Shandong Computer Science Center National Super Computing Center in Jinan
Original Assignee
Shandong Shanke Digital Economy Research Institute Co ltd
Shandong Computer Science Center National Super Computing Center in Jinan
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shandong Shanke Digital Economy Research Institute Co ltd and Shandong Computer Science Center National Super Computing Center in Jinan
Priority to CN202110400950.3A
Publication of CN113225318A
Application granted
Publication of CN113225318B
Legal status: Active
Anticipated expiration

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/10 File systems; File servers
    • G06F16/18 File system types
    • G06F16/182 Distributed file systems
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/16 Implementing security features at a particular protocol layer
    • H04L63/168 Implementing security features at a particular protocol layer above the transport layer
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0643 Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Software Systems (AREA)
  • Health & Medical Sciences (AREA)
  • Databases & Information Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Power Engineering (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a method and a system for encrypted transmission and secure storage of government affair big data. A data sending end extracts an abstract of the acquired government affair big data, determines the encryption level of the abstract, and encrypts the government affair big data according to the encryption level to generate a government affair big data ciphertext. The data sending end sends the government affair big data ciphertext, the abstract and the encryption level to the memory for storage. The data output end sends a government affair big data acquisition request to the memory; the memory confirms the encryption level of the data output end and, if the confirmation passes, sends the government affair big data ciphertext and the abstract to the data output end and sends a data call notification to the data sending end. After receiving the data, the data output end decrypts it, extracts the abstract, compares the extracted abstract with the abstract in the received data and, if the two are the same, outputs and displays the decrypted data. The security and the transmission efficiency of information transmission and information storage are improved.

Description

Method and system for government affair big data encryption transmission and safe storage
Technical Field
The invention relates to the technical field of data security, in particular to a method and a system for government affair big data encryption transmission and secure storage.
Background
The statements in this section merely provide background information related to the present disclosure and may not constitute prior art.
With the rapid development of network informatization, comprehensive information systems, built at great cost in manpower and funds, have become key infrastructure of the country and the government; how to maintain the security of government affair information is of great strategic significance in the informatization process. Data encryption technology is an important means of maintaining data security: data encryption translates readable data or files into unreadable code by means of a specific encryption algorithm, thereby protecting the data from being illegally stolen, read or tampered with. The SSL protocol is a protocol that provides security and data integrity for network communication. Its main roles are security and trust: security is the encryption of data transmitted in the network using the above-mentioned encryption algorithms, while trust is the issuance of certificates to network nodes to establish identity.
A single network security algorithm cannot ensure the security of data in storage and transmission: a symmetric encryption algorithm cannot ensure the security of a public key, while an asymmetric encryption algorithm is complex and its transmission efficiency is difficult to guarantee. Traditional storage devices are easily damaged and, without backup, cannot meet the storage requirements of big data; when plaintext data is stored directly in storage middleware, an untrusted third-party database administrator can access the data at will, causing data leakage. Existing encryption systems cannot fully meet the requirements of secure transmission and storage of government affair big data, so a more comprehensive security protection mechanism is needed to make up for the deficiencies of a single encryption algorithm, improve security and improve transmission efficiency.
Disclosure of Invention
In order to solve the defects of the prior art, the invention provides a method and a system for government affair big data encryption transmission and safe storage; the safety of data transmission and storage is improved.
In a first aspect, the invention provides a method for government affair big data encryption transmission and safe storage;
a government affair big data encryption transmission and secure storage method comprises the following steps:
the data sending end performs abstract extraction on the acquired government affair big data, determines the encryption level of the abstract, and encrypts the government affair big data according to the encryption level to generate a government affair big data ciphertext;
the data sending end sends the government affair big data ciphertext, the abstract and the encryption level to the memory for storage;
the data output end sends a government affair big data acquisition request to the memory; the memory confirms the encryption level of the data output end and, if the confirmation passes, sends the government affair big data ciphertext and the abstract to the data output end and sends a data called notice to the data sending end;
after receiving the data, the data output end decrypts the received data, extracts the abstract, compares the extracted abstract with the abstract in the received data and, if the two are the same, outputs and displays the decrypted data.
In a second aspect, the invention provides a system for government affair big data encryption transmission and secure storage;
a system for government affair big data encryption transmission and safe storage comprises: the system comprises a sending end, a storage and a receiving end which are connected in sequence;
a data sender configured to: abstract extraction is carried out on the acquired government affair big data; determining the encryption level of the abstract; encrypting the government affair big data according to the encryption level to generate a government affair big data cipher text;
a data sender configured to: sending the government affair big data cipher text, the abstract and the encryption level to a memory for storage;
a data output configured to: sending a government affair big data acquisition request to a memory;
a memory configured to: confirming the encryption level of the data output end, if the confirmation is passed, sending the government affair big data cipher text and the abstract to the data output end by the memory, and sending a data called notice to the data sending end;
a data output configured to: after receiving the data, decrypting the received data, extracting the abstract, comparing the extracted abstract with the abstract in the received data, and if the extracted abstract and the abstract in the received data are the same, outputting and displaying the decrypted data; and if the comparison result is inconsistent, discarding the decrypted packet and sending the retransmission data request to the memory again.
Compared with the prior art, the invention has the beneficial effects that:
Government affair big data has some unique properties, including higher authenticity, originality, completeness, fairness, sustainability and openability. In this scheme, multiple encryption algorithms and a secure transmission protocol are used to encrypt data for transmission, which improves the security of information transmission and information storage and improves transmission efficiency. Keyword comparison is carried out multiple times between the different transmission components, which guarantees the integrity of the government affair information. Hadoop middleware is selected to realize large-scale distributed storage, and the encrypted ciphertext is stored directly in Hadoop, which avoids the possibility of the information being tampered with or leaked in a third-party memory and preserves the originality and integrity of the information as far as possible.
Advantages of additional aspects of the invention will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, are included to provide a further understanding of the invention; they illustrate exemplary embodiments of the invention and, together with the description, serve to explain the invention and not to limit it.
FIG. 1 is a flow chart of the method steps according to the first embodiment of the present invention;
FIG. 2 shows the SSL protocol according to the first embodiment of the present invention.
Detailed Description
It is to be understood that the following detailed description is exemplary and is intended to provide further explanation of the invention as claimed. Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs.
It is noted that the terminology used herein is for the purpose of describing particular embodiments only and is not intended to be limiting of exemplary embodiments according to the invention. As used herein, the singular forms "a", "an", and "the" are intended to include the plural forms as well, unless the context clearly indicates otherwise, and it should be understood that the terms "comprises" and "comprising", and any variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
The embodiments and features of the embodiments of the present invention may be combined with each other without conflict.
Example one
This embodiment provides a method for government affair big data encryption transmission and secure storage;
As shown in FIG. 1, a method for government affair big data encryption transmission and secure storage includes:
S101: the data sending end performs abstract extraction on the acquired government affair big data, determines the encryption level of the abstract, and encrypts the government affair big data according to the encryption level to generate a government affair big data ciphertext;
S102: the data sending end sends the government affair big data ciphertext, the abstract and the encryption level to the memory for storage;
S103: the data output end sends a government affair big data acquisition request to the memory;
the memory confirms the encryption level of the data output end and, if the confirmation passes, sends the government affair big data ciphertext and the abstract to the data output end and sends a data called notice to the data sending end;
S104: after receiving the data, the data output end decrypts the received data, extracts the abstract, compares the extracted abstract with the abstract in the received data and, if the two are the same, outputs and displays the decrypted data.
Further, in step S101, the abstract extraction performed by the data sending end on the acquired government affair big data specifically comprises:
the data sending end processes the acquired government affair big data with the MD5 algorithm to obtain an MD5 code, and the MD5 code is used for document comparison;
the data sending end also processes the acquired government affair big data with the TextRank algorithm to obtain keywords of the government affair big data, and the obtained keywords are used for generating the encryption level.
The TextRank algorithm calculates the importance of each word based on the co-occurrence relationship between words.
Words are selected to form a word graph G(V, E), in which the selected words form the node set V; the weight of each word is calculated iteratively, the keywords are sorted by weight from largest to smallest, the first t keywords are extracted, and the encryption level of the abstract is determined according to these first t keywords.
In detail, the given text is split into sentences and words; the resulting words are part-of-speech tagged, and verbs, nouns and adjectives are generally selected to form the word graph G(V, E), with the selected words forming the node set V; edges are constructed from the co-occurrence relation, an edge existing between two nodes only when the corresponding words co-occur within a window of length K; the weight of each word is calculated iteratively until convergence; the t words with the largest weights are called keywords.
The formula for iteratively calculating the word weight is as follows:
Figure BDA0003020346500000061
wherein WS(V_i) represents the weight of sentence i, and the summation on the right side of the equals sign represents the contribution of each adjacent sentence to this sentence. Within a single document all sentences are considered adjacent, so multiple windows do not need to be generated and extracted as for multiple documents; a single document window suffices. W_ji represents the similarity of two sentences; In(V_i) is the set of in-links pointing to word i that exist throughout the document; Out(V_j) is the set of links in word j that point to all external web pages; |Out(V_j)| is the number of elements in that set; WS(V_j) represents the weight of sentence j from the previous iteration; d is the damping coefficient, typically 0.85.
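The keyword step described above (co-occurrence window of length K, iterative weights with damping d, top t words), written as an added Python example that is not part of the patent. It assumes the standard weighted TextRank update rule, since the patent's own formula survives here only as a figure reference; the stop-word filter standing in for part-of-speech tagging, the sample text and all function names are likewise assumptions.

```python
import re
from collections import defaultdict

# Constructed sample text, loosely modelled on the patent's example document title.
SAMPLE = (
    "Notice on the long-term care insurance scheme. "
    "The care insurance fund pays nursing costs. "
    "Insurance applicants submit care assessment forms. "
    "The insurance office reviews each care application."
)

# Assumption: a stop-word filter stands in for part-of-speech tagging.
STOPWORDS = {"the", "on", "each", "and", "for", "of", "to", "in", "a", "an"}


def tokenize(text):
    """Split text into sentences, then into lowercase candidate words."""
    sentences = [s for s in re.split(r"[.!?;]+", text) if s.strip()]
    return [
        [w for w in re.findall(r"[a-z]+", s.lower()) if w not in STOPWORDS]
        for s in sentences
    ]


def build_graph(sentences, window=5):
    """Word graph G(V, E): two words share an edge when they co-occur inside
    a window of `window` (K) consecutive words; weight = co-occurrence count."""
    weights = defaultdict(lambda: defaultdict(float))
    for words in sentences:
        for i, w in enumerate(words):
            for u in words[i + 1:i + window]:
                if u != w:
                    weights[w][u] += 1.0
                    weights[u][w] += 1.0
    return {w: dict(nbrs) for w, nbrs in weights.items()}


def textrank(weights, d=0.85, tol=1e-6, max_iter=200):
    """Iterate WS(Vi) = (1 - d) + d * sum_j [w_ji / sum_k w_jk] * WS(Vj)
    until the largest change between two iterations drops below `tol`."""
    if not weights:
        return {}
    scores = {v: 1.0 for v in weights}
    out_sum = {v: sum(nbrs.values()) for v, nbrs in weights.items()}
    for _ in range(max_iter):
        new = {
            v: (1 - d) + d * sum(
                weights[u][v] / out_sum[u] * scores[u] for u in weights[v]
            )
            for v in weights
        }
        delta = max(abs(new[v] - scores[v]) for v in weights)
        scores = new
        if delta < tol:
            break
    return scores


def top_keywords(text, t=5, window=5):
    """Return the t highest-weighted words (ties broken alphabetically)."""
    scores = textrank(build_graph(tokenize(text), window))
    return sorted(scores, key=lambda w: (-scores[w], w))[:t]


if __name__ == "__main__":
    print(top_keywords(SAMPLE, t=5))
```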
Data padding, initial value setting and a four-round loop operation are performed on the government affair big data to generate the MD5 code, and the MD5 code and the keywords are then transmitted.
Data padding: the data is padded with a single 1 followed by 0s until the message length modulo 512 equals 448; after padding, the message length is N × 512 + 448 bits.
Initial value setting: a structure is first defined. The structure contains the plaintext block that needs to be processed each time and the computed hash value.
Four-round loop: each round performs 16 operations. Each operation applies a non-linear function to three of a, b, c and d, then adds the result to the fourth variable, a sub-block of the text and a constant. The result is then shifted left by a variable number of bits and added to one of a, b, c or d. Finally, the result replaces one of a, b, c or d. Four rounds are performed in this way.
Illustratively, the government affair big data is, for example, government documents or government financial data, such as a notification about issuing the long-term care insurance method of XX city.
Illustratively, the keywords of the government affair big data comprise, for example, the MD5 code and the keywords extracted by TextRank; the MD5 code is used for error checking, and the keywords are used for retrieval.
Illustratively, the MD5 code is, for example: MD5("message digest") = f96b697d7cb7938d525a2f31aaf161d0.
Further, the step S101: determining the encryption level of the abstract; the method specifically comprises the following steps:
and inputting keywords based on the government affair big data into a pre-trained model, and outputting the encryption level.
Further, the training step of the pre-trained model comprises:
constructing a training set, wherein the training set is keywords with known encryption levels;
and inputting the training set into a neural network model, and training the model to obtain a pre-trained model.
Further, the step S101: encrypting the government affair big data according to the encryption level to generate a government affair big data cipher text; the method specifically comprises the following steps:
S1011: the government affair big data is symmetrically encrypted according to the encryption level, generating a public key PK1 and the corresponding government affair big data ciphertext;
S1012: the public key PK1 is asymmetrically encrypted using an asymmetric encryption algorithm, generating the public key PK2, the private key SK1 and the ciphertext encrypted with the public key PK2.
Illustratively, the symmetric encryption uses the DES algorithm. 8 bits of the key are used for integrity checking, and the remaining 56 bits of the key participate in the DES operation. The DES algorithm is used to generate the ciphertext of the government affair big data.
Illustratively, the asymmetric encryption algorithm used is the RSA algorithm.
Further, after the step S101, before the step S102, the method further includes:
S101-2: an SSL secure channel is established between the data sending end and the memory, and between the memory and the data output end.
Further, step S101-2, in which SSL secure channels are established between the data sending end and the memory and between the memory and the data output end, specifically comprises:
S101-21): in the version number negotiation stage, the two interacting parties determine the version of the SSL protocol to use;
S101-22): in the key and algorithm negotiation stage, the two interacting parties negotiate the encryption algorithm to use according to the algorithms that both support;
S101-23): in the authentication stage, the Client end initiates an authentication request to the server end, and the server end authenticates the Client end;
S101-24): in the session request stage, after passing authentication, the Client end sends a session request to the server end;
S101-25): in the interactive session stage, after the session request passes, the Client end and the server end exchange information.
During data transmission between the communicating parties, the Client end and the server end correspond to different modules: when data is sent from the data sending end to the memory, the data sending end acts as the Client end and the memory acts as the server end; when data is sent from the memory to the data output end, the memory acts as the server end and the data output end acts as the Client end.
Further, as shown in FIG. 2, before step S101-21) the method further includes:
S101-20): the two communicating parties perform a three-way handshake.
The three-way handshake between the two communicating parties specifically comprises:
S101-201): the Client end generates a first random number and, together with the version number and the encryption mode, builds a handshake request message; the server end receives the handshake request message, confirms the information, and returns a handshake response message once confirmation is complete;
S101-202): the Client end generates a second random number, builds a handshake request message carrying a CA certificate and sends it to the server end; the server end returns a handshake response message after confirming that the CA certificate is valid;
S101-203): the Client end sends the message digests of the previous two exchanges, generates a third random number, encrypts the third random number with the public key in the CA certificate, and sends the encrypted handshake request message to the server end;
S101-204): the server end receives the third random number, decrypts it with the private key in the certificate, and verifies the message digests of the previous two exchanges. Finally, the two parties establish a secure transmission channel.
Further, step S102, in which the data sending end sends the government affair big data ciphertext, the abstract and the encryption level to the memory for storage, specifically comprises:
the data sending end sends the ciphertext encrypted with the public key PK2, the government affair big data ciphertext, the abstract and the encryption level to the memory for storage.
Illustratively, the memory is a Hadoop memory.
Further, the step S103: the data output end sends a government affair big data acquisition request to the memory; the method specifically comprises the following steps:
the data output end sends a government affair big data acquisition request to the memory; the acquisition request includes an encryption level of the data output.
Further, the step S103: the memory confirms the encryption level of the data output end, and if the confirmation is passed, the memory sends the government affair big data cipher text and the abstract to the data output end and sends a data called notice to the data sending end; the method specifically comprises the following steps:
the memory compares the encryption level of the data output end with the encryption level stored in the memory, and if the comparison result is consistent, the memory sends the encrypted ciphertext of the public key PK2, the government affair big data ciphertext and the abstract to the data output end, and sends a data call notification to the data sending end.
Further, the S104: after the data output end receives the data, the received data is decrypted and the abstract is extracted, the extracted abstract is compared with the abstract in the received data, if the two abstracts are the same, the decrypted data is output and displayed, and the method specifically comprises the following steps:
after the data output end receives the data, the private key SK1 is used to decrypt the ciphertext encrypted with the public key PK2, obtaining the public key PK1;
decrypting the big government data ciphertext according to the public key PK1 to obtain decrypted big government data;
carrying out abstract extraction on the decrypted government affair big data;
and comparing the extracted abstract with the abstract in the received data, and if the extracted abstract and the abstract in the received data are the same, outputting and displaying the decrypted data.
The invention comprises the following processes: symmetrically encrypting the government affair big data, and managing a secret key of a symmetric algorithm by adopting an asymmetric encryption algorithm; SSL secure channels are established between the data sending end and the Hadoop memory and between the Hadoop memory and the data output end, and the sending end sends data packets to the Hadoop memory; the data output end applies for the required government affair big data to the Hadoop memory, the Hadoop confirms the encryption grade of the data output end, and after the confirmation is finished, the Hadoop memory returns a data packet to the data output end and sends a data called notice to the data sending end; and the data output end decrypts the data after receiving the data, extracts the abstract by adopting a keyword extraction algorithm, compares the extracted abstract with the metadata abstract transmitted by the Hadoop memory, and outputs and displays the decrypted data after the comparison is finished.
Example two:
This embodiment also provides a system for government affair big data encryption transmission and safe storage;
a system for government affair big data encryption transmission and safe storage comprises a sending end, a storage and a receiving end which are connected in sequence;
a data sender configured to: perform abstract extraction on the acquired government affair big data; determine the encryption level of the abstract; encrypt the government affair big data according to the encryption level to generate a government affair big data ciphertext;
a data sender configured to: send the government affair big data ciphertext, the abstract and the encryption level to a memory for storage;
a data output configured to: send a government affair big data acquisition request to the memory;
a memory configured to: confirm the encryption level of the data output end and, if the confirmation is passed, send the government affair big data ciphertext and the abstract to the data output end and send a data called notice to the data sending end;
a data output configured to: after receiving the data, decrypt the received data, extract the abstract, and compare the extracted abstract with the abstract in the received data; if the two are the same, output and display the decrypted data; if the comparison result is inconsistent, discard the decrypted packet and send a data retransmission request to the memory again.
Those skilled in the art should know that details of the working steps of the sending end, the memory and the receiving end in the system for government affair big data encryption transmission and secure storage in the second embodiment correspond to those in the first embodiment one to one, and are not described herein again.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. A government affair big data encryption transmission and safe storage method is characterized by comprising the following steps:
the data sending end performs abstract extraction on the obtained government affair big data; determining the encryption level of the abstract; encrypting the government affair big data according to the encryption level to generate a government affair big data ciphertext;
the data sending end sends the government affair big data ciphertext, the abstract and the encryption level to the memory for storage;
the data output end sends a government affair big data acquisition request to the memory; the memory confirms the encryption level of the data output end, and if the confirmation is passed, the memory sends the government affair big data cipher text and the abstract to the data output end and sends a data called notice to the data sending end;
and after the data output end receives the data, decrypting the received data, extracting the abstract, comparing the extracted abstract with the abstract in the received data, and if the extracted abstract is the same as the abstract in the received data, outputting and displaying the decrypted data.
2. The method for the encrypted transmission and the safe storage of the government affair big data according to claim 1, wherein the data sending end performs abstract extraction on the obtained government affair big data; the method specifically comprises the following steps:
the data sending end adopts an MD5 algorithm to process the acquired government affair big data to obtain an MD5 code, and the MD5 code is used for document comparison;
and the data sending end also adopts a TextRank algorithm to process the obtained government affair big data to obtain keywords of the government affair big data, and the obtained keywords are used for generating an encryption level.
3. The method for the encrypted transmission and the safe storage of the government affair big data according to claim 1, wherein the government affair big data is encrypted according to the encryption level to generate a government affair big data ciphertext; the method specifically comprises the following steps:
symmetrically encrypting the government affair big data according to the encryption level to generate a public key PK1 and a corresponding government affair big data ciphertext;
the public key PK1 is asymmetrically encrypted by adopting an asymmetric encryption algorithm to generate a public key PK2 and a private key SK1.
4. The method for the encrypted transmission and the safe storage of the government affair big data according to claim 1, wherein the data sending end performs abstract extraction on the obtained government affair big data; determining the encryption level of the abstract; after the government affair big data is encrypted according to the encryption level and a government affair big data ciphertext is generated, the data sending end sends the government affair big data ciphertext, the abstract and the encryption level to a memory for storage, and the method further comprises the following steps:
an SSL secure channel is established between the data sender and the memory, and between the memory and the data output.
5. The method for the encrypted transmission and the safe storage of the government affair big data according to claim 4, wherein SSL safe channels are established between the data sending end and the memory and between the memory and the data output end; the method specifically comprises the following steps:
in the version number negotiation stage, both information interaction parties determine the use version of the SSL protocol;
in the key and algorithm negotiation stage, the two information interaction parties negotiate the used encryption algorithm according to the algorithm supported by the two information interaction parties;
in the authentication stage, a Client terminal initiates an authentication request to a server terminal, and the server terminal authenticates the Client terminal;
in the session request stage, after passing the authentication, the Client terminal sends a session request to the server terminal;
and in the interactive session stage, after the session request is passed, the Client terminal and the server terminal carry out information interaction.
6. The method for the encrypted transmission and the safe storage of the government affair big data according to claim 1, wherein the data sending end sends the government affair big data ciphertext, the abstract and the encryption level to the memory for storage; the method specifically comprises the following steps:
the data sending end sends the ciphertext encrypted by the public key PK2, the government affair big data ciphertext, the abstract and the encryption level to the memory for storage.
7. The method for the encrypted transmission and the safe storage of the government affair big data according to claim 1, wherein the data output end sends a government affair big data acquisition request to the memory; the method specifically comprises the following steps:
the data output end sends a government affair big data acquisition request to the memory; the acquisition request includes an encryption level of the data output.
8. The method for the encrypted transmission and the safe storage of the government affair big data according to claim 1, wherein the memory confirms the encryption level of the data output end, and if the confirmation is passed, the memory sends the government affair big data ciphertext and the abstract to the data output end and sends a data called notice to the data sending end; the method specifically comprises the following steps:
the memory compares the encryption level of the data output end with the encryption level stored in the memory, and if the comparison result is consistent, the memory sends the ciphertext encrypted by the public key PK2, the government affair big data ciphertext and the abstract to the data output end, and sends a data called notice to the data sending end.
9. The method for government affair big data encryption transmission and safe storage according to claim 1, wherein the data output end decrypts the received data after receiving the data, extracts the abstract, compares the extracted abstract with the abstract in the received data, and outputs and displays the decrypted data if the extracted abstract is the same as the abstract in the received data, and specifically comprises:
after the data output end receives the data, the private key SK1 is used for decrypting the ciphertext encrypted by the public key PK2 to obtain the public key PK1;
decrypting the government affair big data ciphertext with the public key PK1 to obtain the decrypted government affair big data;
carrying out abstract extraction on the decrypted government affair big data;
and comparing the extracted abstract with the abstract in the received data, and if the two are the same, outputting and displaying the decrypted data.
10. A system for government affair big data encryption transmission and safe storage, characterized by comprising a sending end, a storage and a receiving end which are connected in sequence;
a data sender configured to: perform abstract extraction on the acquired government affair big data; determine the encryption level of the abstract; encrypt the government affair big data according to the encryption level to generate a government affair big data ciphertext;
a data sender configured to: send the government affair big data ciphertext, the abstract and the encryption level to a memory for storage;
a data output configured to: send a government affair big data acquisition request to the memory;
a memory configured to: confirm the encryption level of the data output end and, if the confirmation is passed, send the government affair big data ciphertext and the abstract to the data output end and send a data called notice to the data sending end;
a data output configured to: after receiving the data, decrypt the received data, extract the abstract, and compare the extracted abstract with the abstract in the received data; if the two are the same, output and display the decrypted data; if the comparison result is inconsistent, discard the decrypted packet and send a data retransmission request to the memory again.
CN202110400950.3A 2021-04-14 2021-04-14 Method and system for government affair big data encryption transmission and safe storage Active CN113225318B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110400950.3A CN113225318B (en) 2021-04-14 2021-04-14 Method and system for government affair big data encryption transmission and safe storage

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110400950.3A CN113225318B (en) 2021-04-14 2021-04-14 Method and system for government affair big data encryption transmission and safe storage

Publications (2)

Publication Number Publication Date
CN113225318A true CN113225318A (en) 2021-08-06
CN113225318B CN113225318B (en) 2022-09-20

Family

ID=77087183

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110400950.3A Active CN113225318B (en) 2021-04-14 2021-04-14 Method and system for government affair big data encryption transmission and safe storage

Country Status (1)

Country Link
CN (1) CN113225318B (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114374519A (en) * 2021-12-09 2022-04-19 深圳太极数智技术有限公司 Data transmission method, system and equipment
CN115277143A (en) * 2022-07-19 2022-11-01 中天动力科技(深圳)有限公司 Data secure transmission method, device, equipment and storage medium

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102811224A (en) * 2012-08-02 2012-12-05 天津赢达信科技有限公司 Method, device and system for implementation of SSL (secure socket layer)/TLS (transport layer security) connection
CN105915520A (en) * 2016-04-18 2016-08-31 深圳大学 File storage and searching method based on public key searchable encryption, and storage system
CN106682069A (en) * 2016-11-14 2017-05-17 湖南工业大学 User-controllable data retravel method and data storage method, terminal and system
CN108632248A (en) * 2018-03-22 2018-10-09 平安科技(深圳)有限公司 Data ciphering method, data query method, apparatus, equipment and storage medium
CN111639355A (en) * 2020-06-02 2020-09-08 南方电网科学研究院有限责任公司 Data security management method and system
CN111666611A (en) * 2020-06-09 2020-09-15 安徽拔沃乎机电科技有限公司 Method for improving safety transmission grade of encrypted data
CN111769934A (en) * 2020-07-08 2020-10-13 深圳思凯微电子有限公司 Data transmission method, system and computer readable storage medium
CN112131593A (en) * 2020-09-29 2020-12-25 深圳壹账通智能科技有限公司 Information-based feature encryption method, device, equipment and storage medium
CN112329042A (en) * 2020-11-17 2021-02-05 季速漫 Big data secure storage system and method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
俞国红: "SSL握手协议", 《电子商务安全》 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114374519A (en) * 2021-12-09 2022-04-19 深圳太极数智技术有限公司 Data transmission method, system and equipment
CN115277143A (en) * 2022-07-19 2022-11-01 中天动力科技(深圳)有限公司 Data secure transmission method, device, equipment and storage medium
CN115277143B (en) * 2022-07-19 2023-10-20 中天动力科技(深圳)有限公司 Data security transmission method, device, equipment and storage medium

Also Published As

Publication number Publication date
CN113225318B (en) 2022-09-20

Similar Documents

Publication Publication Date Title
US11936774B2 (en) Determining a common secret for the secure exchange of information and hierarchical, deterministic cryptographic keys
CN113489585B (en) Identity authentication method and system of terminal equipment, storage medium and electronic equipment
Sahai et al. Worry-free encryption: functional encryption with public keys
CN102263638B (en) Authenticating device, authentication method and signature generation device
CN109559122A (en) Block chain data transmission method and block chain data transmission system
US8661240B2 (en) Joint encryption of data
CN111131278B (en) Data processing method and device, computer storage medium and electronic equipment
CN113225318B (en) Method and system for government affair big data encryption transmission and safe storage
US20190379536A1 (en) Certificated quantum cryptography system and method
CN113141247B (en) Homomorphic encryption method, homomorphic encryption device, homomorphic encryption system and readable storage medium
CN112732695B (en) Cloud storage data security deduplication method based on block chain
US9544144B2 (en) Data encryption
US20210367772A1 (en) Computer implemented system and method for sharing a common secret
CN116599665A (en) Block chain data transmission method and related device
CN112382376A (en) Medical instrument management tracing system based on block chain
EP3309995B1 (en) Key exchange method, key exchange system, key distribution device, communication device, and program
CN112800462A (en) Method for storing confidential information in cloud computing environment
CN108933659A (en) A kind of authentication system and verification method of smart grid
CN112954388A (en) Data file acquisition method and device, terminal equipment and storage medium
CN113868715A (en) Signature method and system based on quantum key
Bhatia Cryptography-The Hidden Message
CN115865524A (en) Data secure transmission method and system
Oleksik et al. Methods for data validation using QR codes
Wan et al. ACMHS: Efficient access control for mobile health care system
CN116684082A (en) Content filtering signature and encryption method of ChatGPT based on post quantum cryptography

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant